This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.

AnnouncementAnnouncement Module

Collapse

No announcement yet.

RFE: Provide a way to translate the JAAS LoginExceptionsPage Title Module

RFE: Provide a way to translate the JAAS LoginExceptions

Oct 14th, 2004, 10:21 AM

In my JAASLoginModule, I throw a subclass of LoginException upon InvalidCredentials, UserNotFound, .... However, the current LDAPProvider does not foresee a way to resolve the LoginException into an Acegi exception. I could just throw an Acegi exception straight away, but that would mean that the JAAS login module is dependent on Acegi, while it is the other way around.

To make a long story short, could the class JaasAuthenticationProvider be alter to call a method for resolving the LoginException, so I can subclass it and provide my own resolver ?

Code:

public Authentication authenticate&#40;Authentication auth&#41;
try &#123;
....
&#125; catch &#40;LoginException e&#41; &#123;
context.publishEvent&#40;new JaasAuthenticationFailedEvent&#40;auth, e&#41;&#41;;
// This could become the implementation of resolveLoginException&#40;e&#41;; so I can subclass and change behavior
//We have no way of knowing what caused the exception, so we cannot throw BadCredentialsException, DisabledException, or LockedException.
//So we'll just throw an AuthenticationServiceException
throw new AuthenticationServiceException&#40;e.toString&#40;&#41;&#41;;
&#125;

What's more, if the LoginModule throws an Acegi exception straight away, it gets wrapped in a LoginException by JAAS. The exception handler could look if the target exception of the LoginException is an Acegi exception, and use that one.

Code:

public Authentication authenticate&#40;Authentication auth&#41;
try &#123;
....
&#125; catch &#40;LoginException e&#41; &#123;
context.publishEvent&#40;new JaasAuthenticationFailedEvent&#40;auth, e&#41;&#41;;
resolveLoginException&#40;e&#41;;
&#125;
...
/**
* Tries to resolves a JAAS login exception into an Acegie exception, such as BadCredentialsException, DisabledException, UsernameNotFoundException or LockedException
* @param loginException The login exception causing the failed login
* @return AcegiSecurityException The corresponding exception of Acegi
*/
public AcegiSecurityException resolveLoginException&#40;LoginException loginException&#41; &#123;
// if the code needs to be compatible with pre 1.4, we need to use reflection here
if &#40;loginException.getCause&#40;&#41; instanceof AcegiSecurityException&#41; &#123;
return &#40;AcegiSecurityException&#41;loginException.getCause&#40;&#41;;
&#125; else &#123;
//We have no way of knowing what caused the exception, so we return the general AuthenticationServiceException
//So we'll just throw an AuthenticationServiceException
throw new AuthenticationServiceException&#40;loginException.toString&#40;&#41;&#41;;
&#125;
&#125;